by 安全扫描
OpenClaw
安全
high confidenceInstructions and requirements match the stated purpose: a browser-driven X/Twitter CLI using the OpenClaw browser tool; nothing requested is disproportionate to that purpose.
评估建议
This skill is coherent for interacting with X/Twitter via the OpenClaw browser tool. Before installing, consider: (1) it requires a browser profile with an active X session — that profile can perform any action your account can, so only use with trusted agents and profiles; (2) snapshots and UI interactions may expose page contents to the agent; avoid using your primary account if you are unsure — test with a disposable account first; (3) keep manual-confirmation steps enabled for posting action...详细分析 ▾
✓ 用途与能力
Name and description describe browser-based X/Twitter control; SKILL.md contains only browser tool actions (open, snapshot, act) targeted at x.com and standard UI flows (post, like, repost, reply, search). No unrelated binaries, env vars, or config paths are requested.
✓ 指令范围
Runtime instructions are limited to operating the OpenClaw browser profile (open pages, take snapshots, click/type) and to navigate X/Twitter UI. The skill does not instruct reading local files, extracting unrelated credentials, or sending data to other external endpoints. It does require manual login and recommends user confirmation before posts.
✓ 安装机制
No install spec or code files — instruction-only. This is the lowest-risk install model (nothing will be written to disk by the skill itself).
ℹ 凭证需求
The skill requests no environment variables or external credentials, which is appropriate. However, it requires control of an existing OpenClaw browser profile (named 'openclaw') and access to the logged-in X/Twitter session; that effectively grants the agent the same capabilities as the user in that browser session (post, like, follow, read DMs if reachable). This is proportionate to a browser-based CLI but is sensitive — the browser session carries authentication privileges.
ℹ 持久化与权限
Flags: always=false and no special persistence requested. The skill is user-invocable and can be invoked autonomously per platform defaults; combined with browser-profile access this is a capable privilege but not an unusual or unexplained request for a browser-driven Twitter CLI.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.12026/2/1
- No changes detected in this version. - No file modifications or updates were made. - Functionality and documentation remain the same as the previous version.
● 无害
安装命令 点击复制
官方npx clawhub@latest install chirp
镜像加速npx clawhub@latest install chirp --registry https://cn.clawhub-mirror.com
技能文档
OpenClaw browser 도구로 X/Twitter 조작하기. bird CLI의 browser 기반 대안.
Prerequisites
환경 요구사항
- OpenClaw with browser tool enabled
openclawbrowser profile- X/Twitter 계정 로그인 완료
Headless 서버인 경우
Xvfb 가상 디스플레이 필요 (spool 스킬의 Prerequisites 참고)
로그인 (처음 한 번만)
browser action=start profile=openclaw
browser action=open profile=openclaw targetUrl="https://x.com/login"
# 사용자에게 수동 로그인 요청
사용법
1. 타임라인 읽기
browser action=open profile=openclaw targetUrl="https://x.com/home"
browser action=snapshot profile=openclaw compact=true
각 article에서 작성자, 내용, 좋아요/리트윗/답글 수 확인 가능.
2. 트윗 작성
Step 1: 홈에서 텍스트박스 찾기
browser action=open profile=openclaw targetUrl="https://x.com/home"
browser action=snapshot profile=openclaw compact=true
textbox "Post text" ref 찾기Step 2: 내용 입력
browser action=act profile=openclaw request={"kind":"click","ref":""}
browser action=act profile=openclaw request={"kind":"type","ref":"","text":"트윗 내용"}
Step 3: Post 버튼 클릭
browser action=snapshot profile=openclaw compact=true
button "Post" ref 찾기 (disabled 아닌 것)
browser action=act profile=openclaw request={"kind":"click","ref":""}
3. 좋아요 누르기
타임라인에서 article 내 button "Like" 또는 button "X Likes. Like" ref 찾아서:
browser action=act profile=openclaw request={"kind":"click","ref":""}
4. 리트윗
button "Repost" 또는 button "X reposts. Repost" ref 찾아서:
browser action=act profile=openclaw request={"kind":"click","ref":""}
browser action=snapshot profile=openclaw compact=true
# "Repost" 옵션 선택
browser action=act profile=openclaw request={"kind":"click","ref":""}
5. 답글 달기
방법 1: 타임라인에서
browser action=act profile=openclaw request={"kind":"click","ref":""}
browser action=snapshot profile=openclaw compact=true
# 답글 입력창에 텍스트 입력 후 Reply 버튼 클릭
방법 2: 트윗 페이지에서
browser action=open profile=openclaw targetUrl="https://x.com/username/status/1234567890"
browser action=snapshot profile=openclaw compact=true
# 답글 입력창 찾아서 입력
6. 프로필 보기
browser action=open profile=openclaw targetUrl="https://x.com/username"
browser action=snapshot profile=openclaw compact=true
7. 검색
browser action=open profile=openclaw targetUrl="https://x.com/search?q=검색어&src=typed_query"
browser action=snapshot profile=openclaw compact=true
8. 팔로우
프로필 페이지에서 button "Follow" ref 찾아서:
browser action=act profile=openclaw request={"kind":"click","ref":""}
핵심 포인트
- snapshot 먼저 - 모든 작업 전에 현재 상태 확인
- ref는 매번 달라짐 - snapshot에서 항상 새로 찾기
- compact=true - 토큰 절약
- article 구조 - 각 트윗은 article 요소, 내부에 작성자/내용/버튼들
- 트윗 전 확인 - 사용자에게 내용 확인받기
트러블슈팅
| 문제 | 해결 |
|---|---|
| browser 안 됨 | Xvfb 확인, DISPLAY=:99, Gateway 재시작 |
| 로그인 안 됨 | /login으로 이동 후 수동 로그인 |
| Post 버튼 disabled | 텍스트 입력 확인 |
| Rate limit | 잠시 대기 후 재시도 |
vs bird CLI
| 기능 | bird CLI | chirp (browser) |
|---|---|---|
| 설치 | brew 필요 | Xvfb만 있으면 됨 |
| 인증 | 쿠키 추출 | 브라우저 세션 |
| 안정성 | API 기반 | UI 의존 (변경 가능) |
| 속도 | 빠름 | 약간 느림 |
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制